<?php
// +----------------------------------------------------------------------
// | 云业内容管理系统 (云业CMS或yunyecms)
// +----------------------------------------------------------------------
// | Copyright (c) 2016-2030 http://www.yunyecms.com All rights reserved.
// +----------------------------------------------------------------------
// | Author: 云业科技 <kefu@yunyecms.com>
// +----------------------------------------------------------------------
//YmM0OWM5ZWY1ODk5ZGRkNzM0NUxxUjVMaWE1WWFGNWE2NTU2Nmg1NUNHNTdPNzU3dWZJQ2prdXBIa3VKcERUVlBtaUpaNWRXNTVaV050Y3lrc1EyOXdlWEpwWjJoMElDaGpLU0F5TURFMkxUSXdNekFnYUhSMGNEb3ZMM2QzZHk1NWRXNTVaV050Y3k1amIyMGdRV3hzSUhKcFoyaDBjeUJ5WlhObGNuWmxaQzRnUVhWMGFHOXlPaURsaUpqbW1aUHBvNTRnUERFMU1EQXpNakU1UUhGeExtTnZiVDQ9OGQ3ZTc5OTU5YjQ0MmEyNWQxNGVlMzg2ZmQyODM2OTkzNGE
//MD5:c610bc3d074f2ea0c833d32de3bfa0c3
// +----------------------------------------------------------------------
// Refuse to run unless IN_YUNYECMS is already defined (presumably by the application
// entry point), so requesting this controller file directly does nothing.
if (!defined('IN_YUNYECMS')) {
	exit('No permission.');
}
// Load the base controller class and the content / tree helper function libraries.
core::load_class('base', false);
core::load_fun('content');
core::load_fun('tree');
class index extends base
{
	public $curmodel;
	/**
	 * Set up the controller; all initialisation is delegated to the base class.
	 */
	public function __construct()
	{
		parent::__construct();
	}
	//首页
	/**
	 * Render the default front-page template.
	 *
	 * The file returned by tpl() is included inside this method, so it is evaluated in this
	 * method's variable scope: $seo, $rootcat, $cat, $catid, $rootcatid and the globals
	 * $lang / $cfg are all visible to the template. Renaming or removing a local here can
	 * therefore break templates.
	 */
	public function index()
	{
		// Bring the global language / configuration arrays into scope for the template.
		global $lang, $cfg;
		// Site-wide SEO defaults taken from the language settings.
		$seo['title'] = $this->lang["seotitle"];
		$seo['keywords'] = $this->lang["seokey"];
		$seo['description'] = $this->lang["seodesc"];
		$rootcat = $this->rootcat;
		$cat = $this->cat;
		if ($cat) $catid = $cat["id"];
		// NOTE(review): $rootcatid is read from $cat, not $rootcat, whereas lists()/home() use
		// $rootcat["id"] — looks like a copy/paste slip; confirm which value templates expect.
		if ($rootcat) $rootcatid = $cat["id"];
		include tpl();
	}

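	/**
	 * Category listing page.
	 *
	 * Builds the paginated query for the current category's model table, narrows it by the
	 * optional search key and searchable model fields, applies the member group's category
	 * permissions, post-processes each row and renders the list template.
	 *
	 * Security-relevant points:
	 *  - Request values reach SQL by string interpolation. They pass through usafestr() and
	 *    are always placed inside quotes here. NOTE(review): this assumes usafestr() escapes
	 *    quotes and backslashes for the connection charset — verify, and switch to bound
	 *    parameters if the db layer supports them.
	 *  - OR conditions are confined to parenthesised groups so that `status=1` and the
	 *    category-permission filter apply to every returned row.
	 *  - $haspower is computed but not enforced in this method; presumably the template
	 *    reads it — confirm.
	 *  - Most denials only fire when $this->cfg["content"]["list"] is truthy.
	 *  - NOTE(review): messagebox() is assumed to terminate the request; if it returns,
	 *    execution continues past the failed checks.
	 *
	 * The template is included in this method's scope, so local variable names are part of
	 * the template contract and are kept as they were.
	 */
	public function lists()
	{
		$seo['title'] = $this->lang["seotitle"];
		$seo['keywords'] = $this->lang["seokey"];
		$seo['description'] = $this->lang["seodesc"];
		$cfg = $this->cfg;
		$lang = $this->lang;
		$rootcat = $this->rootcat;
		$cat = $this->cat;
		$rootcatid = $rootcat["id"];
		$langlist = getlang();
		if (empty($cat) || !is_numeric($cat['id']) || !is_numeric($cat['modelid'])) {
			messagebox("错误的参数", "back", 'warn');
		}
		if ($cat) {
			$catid = $cat["id"];
			$this->curmodel = getmodel($cat["modelid"]);
			// Prefix the site-wide SEO values with the category's own title/keywords/description.
			$seo['title'] = empty($cat["title"]) ? $seo["title"] : $cat["title"] . '-' . $seo['title'];
			$seotitle_pre = empty($cat["title"]) ? '' : $cat["title"] . ',';
			$seo["keywords"] = (empty($cat["keywords"]) ? $seotitle_pre : $cat["keywords"] . ',') . $seo["keywords"];
			$seo["description"] = (empty($cat["description"]) ? $seotitle_pre : strip_tags($cat["description"])) . $seo["description"];
		}
		$tablename = "m_" . $this->curmodel['tablename'];
		$pagesize = empty($rootcat["pages"]) ? 20 : $rootcat["pages"];
		$sqlquery = "select * from `#yunyecms_{$tablename}`  ";
		$where = " where status=1  ";
		$sqlcnt = " select count(*) from `#yunyecms_{$tablename}` ";
		$order = " order by `addtime` desc ";
		// Free-text search conditions. They are OR-ed with each other only and appended to
		// $where as ONE parenthesised group after the field loop below.
		$searchconds = array();
		// Only a string search key is accepted; an array-valued parameter is treated as absent.
		$rawsearchkey = (isset($_REQUEST["searchkey"]) && is_string($_REQUEST["searchkey"])) ? trim($_REQUEST["searchkey"]) : '';
		if (isset($_REQUEST)) {
			if (!empty($_REQUEST["searchkey"]) && is_string($_REQUEST["searchkey"])) {
				$searchkey = usafestr($rawsearchkey);
				$searchconds[] = "( `title`  like '%{$searchkey}%' )";
			}
			$catid = $cat['id'];
			if (!is_numeric($catid)) {
				messagebox("错误的参数", "back", 'warn');
			}
			$catid = usafestr($catid);
			if (!empty($catid)) {
				$parentid = getparentid($catid);
				$subcat = get_cat_child($catid);
				$catidstr = implode(',', $subcat);
				// Row belongs to this category tree either by its primary catid or through the
				// `catids` set. Parenthesised: a bare "or" here detached matching rows from
				// status=1 and from every AND filter appended later.
				$where = $where . " and ( catid in($catidstr) or FIND_IN_SET($catid,catids) ) ";
			}
		}
		// Work out the category access permissions.
		$haspower = 0;
		$visitor = get_visitor($this->db); // fetch the visitor (guest) member group
		if ($this->member) {
			$groupid = $this->member["groupid"];
			if (empty($groupid)) $groupid = $visitor['id'];
		} else {
			$groupid = $visitor['id'];
		}
		$mygroup = $this->db->find("select * from `#yunyecms_membergroup`  where id=$groupid");
		if (empty($mygroup)) {
			if ($this->cfg["content"]["list"])  messagebox("会员组不存在");
		}
		// NOTE(review): HTTP_REFERER is a client-supplied header and is handed to messagebox()
		// as the return target below; confirm messagebox() restricts it to same-site URLs and
		// encodes it before output.
		if (!get_member_power('info', 'view', $groupid)) {
			if ($this->cfg["content"]["list"])	messagebox("您所在的会员组没有信息查看权限", $_SERVER['HTTP_REFERER'], "info");
		} else {
			// Fetch the category permissions of this group.
			$catpower = fetch_mem_cat_power($groupid);
			if (!empty($catpower)) {
				// IDs of the categories this group is allowed to view.
				$catpwerid = get_mem_power_catid($catpower);
			} else {
				if (is_visitor($groupid, $this->db)) {
					$haspower = 1;
				} else {
					if ($this->cfg["content"]["list"])	messagebox("您所在的会员组没有信息查看权限", $_SERVER['HTTP_REFERER'], "info");
				}
			}
		}
		$subcat = get_cat_child($catid);
		$catidstr = implode(',', $subcat);
		if (!empty($catpwerid)) {
			// Categories of this subtree that the group may actually view.
			$newcat = array_intersect($subcat, $catpwerid);
			// NOTE(review): $this->curcat is not assigned anywhere in this file (the rest of the
			// method uses $this->cat) — confirm the base class defines it.
			$messagetip = "暂时没有{$this->curcat["title"]}信息";
			if (empty($newcat)) {
				if ($this->cfg["content"]["list"]) messagebox("您所在的会员组没有访问{$this->cat["title"]}信息的权限", 'back', "info");
			} else {
				$haspower = 1;
				$exptime = $this->member["exptime"];
				if ($exptime && $exptime <= time()) {
					messagebox("您的会员已到期！请联系管理员", $_SERVER['HTTP_REFERER'], "info");
				}
				$catidstr = implode(',', $newcat);
				// Permission filter on the primary category. With the OR groups parenthesised it
				// now constrains every row, including rows matched through `catids`.
				$where = $where . " and catid in($catidstr)";
			}
		} else {
			if ($this->cfg["content"]["list"]) messagebox("您所在的会员组没有访问{$this->cat["title"]}信息的权限", 'back', "info");
		}
		// End of access-permission section.
		$modelfields = $this->db->select("select * from `#yunyecms_modelfields`  where modelid={$this->curmodel['modelid']} and language=1 and issys=0 and issearch=1 and isadd=1 order by ordernum ");
		foreach ($modelfields as $key => $var) {
			// Keys are quoted: the bare words formctrl / fdname are undefined constants and
			// raise an Error on PHP 8.
			$formctrl = $var['formctrl'];
			$fdname = $var['fdname'];
			if ($formctrl == 'checkbox' || $formctrl == 'radio') {
				// Choice fields filter on their own request parameter (strings only).
				$rawvalue = (isset($_REQUEST[$fdname]) && is_string($_REQUEST[$fdname])) ? trim($_REQUEST[$fdname]) : '';
				$postfdname = usafestr($rawvalue);
				if (!empty($postfdname)) {
					// The value is quoted: interpolated bare it was parsed as SQL, not as data.
					$where = $where . " and FIND_IN_SET('$postfdname',$fdname) ";
				}
			} else {
				// Every other searchable field is compared with the free-text search key.
				$postfdname = usafestr($rawsearchkey);
				if (!empty($postfdname)) {
					$searchconds[] = "( $fdname ='$postfdname' )";
				}
			}
		}
		if (!empty($searchconds)) {
			// One AND-ed group: a search hit can never bypass status=1 or the category filters.
			$where = $where . " and ( " . implode(' or ', $searchconds) . " ) ";
		}
		$list = array();
		$page = "";
		$pagearr = $this->db->pagelist($sqlcnt, $sqlquery, $where, $order, $pagesize);
		if ($pagearr["count"] != 0) {
			$list = $pagearr["query"];
			if (isset($list)) {
				foreach ($list as $key => $var) {
					if ($var['pic']) {
						// Prefix the picture path with RD unless it already contains it.
						if (strlen(RD) > 0 && stripos($list[$key]["pic"], RD) === FALSE) {
							$list[$key]["pic"] = RD . $list[$key]["pic"];
						}
					}
					$list[$key]["downurl"] = url("download", array("catid" => $var["catid"], "id" => $var['id']));
					// An external link stored on the row wins over the generated URL.
					$list[$key]["url"] = !empty($var['exlink']) ? $var['exlink'] : geturl($var['catid'], $var['id']);
					// NOTE(review): content is HTML-decoded before it reaches the template; if rows
					// can originate from untrusted submitters, confirm the template output is safe.
					if (!empty($var['content'])) $list[$key]["content"] = uhtmlspecialchars_decode($var["content"]);
					// One extra query per row to look up the model of the row's category.
					$modelarr = $this->db->find("select modelid  from `#yunyecms_category` where `id`= {$var['catid']}");
					if ($modelarr) {
						$list[$key]["modelid"] = $modelarr["modelid"];
					}
				}
			}
			$page = $pagearr["page"];
		}
		$tplfile = gettpl($cat['tpllist'], $rootcat['tpllist'], $this->curmodel['tpllist']);
		include tpl($tplfile);
	}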
	/**
	 * Render the "home" template of the current category.
	 *
	 * Only reads the category already resolved on the controller ($this->cat / $this->rootcat);
	 * no request parameter is read directly here. The template is included in this method's
	 * scope, so the locals below ($seo, $cfg, $lang, $cat, $catid, $parentid, $tablename, ...)
	 * are visible to it.
	 */
	public function home()
	{
		// Site-wide SEO defaults.
		$seo['title'] = $this->lang["seotitle"];
		$seo['keywords'] = $this->lang["seokey"];
		$seo['description'] = $this->lang["seodesc"];
		$cfg = $this->cfg;
		$lang = $this->lang;
		$rootcat = $this->rootcat;
		$cat = $this->cat;
		$rootcatid = $rootcat["id"];
		// Reject a missing category or non-numeric ids.
		// NOTE(review): assumes messagebox() ends the request — confirm.
		if (empty($cat) || !is_numeric($cat['id']) || !is_numeric($cat['modelid'])) {
			messagebox("错误的参数", "back", 'warn');
		}
		if ($cat) {
			$catid = $cat["id"];
			$parentid = getparentid($catid);
			$this->curmodel = getmodel($cat["modelid"]);
			$tablename = "m_" . $this->curmodel['tablename'];
			// Prefix the site-wide SEO values with the category's own values.
			$seo['title'] = empty($cat["title"]) ? $seo["title"] : $cat["title"] . '-' . $seo['title'];
			$seotitle_pre = empty($cat["title"]) ? '' : $cat["title"] . ',';
			$seo["keywords"] = (empty($cat["keywords"]) ? $seotitle_pre : $cat["keywords"] . ',') . $seo["keywords"];
			$seo["description"] = (empty($cat["description"]) ? $seotitle_pre : strip_tags($cat["description"])) . $seo["description"];
		}
		$tplfile = gettpl($cat['tplhome'], $rootcat['tplhome'], $this->curmodel['tplhome']);
		include tpl($tplfile);
	}

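	/**
	 * Render a single-page category: one content row whose id equals the category id.
	 *
	 * The "row not found" check runs immediately after the lookup. It used to run after
	 * $row['pic'] / $row['content'] had been assigned, at which point $row could never be
	 * empty and the check was dead.
	 *
	 * The template is included in this method's scope, so local variable names are part of
	 * the template contract.
	 */
	public function singlepage()
	{
		// Site-wide SEO defaults.
		$seo['title'] = $this->lang["seotitle"];
		$seo['keywords'] = $this->lang["seokey"];
		$seo['description'] = $this->lang["seodesc"];
		$cfg = $this->cfg;
		$lang = $this->lang;
		$rootcat = $this->rootcat;
		$cat = $this->cat;
		$rootcatid = $rootcat["id"];
		// NOTE(review): assumes messagebox() ends the request — confirm.
		if (empty($cat) || !is_numeric($cat['id']) || !is_numeric($cat['modelid'])) {
			messagebox("错误的参数", "back", 'warn');
		}
		if ($cat) {
			$catid = $cat["id"];
			$parentid = getparentid($catid);
			$this->curmodel = getmodel($cat["modelid"]);
			$tablename = "m_" . $this->curmodel['tablename'];
			// Prefix the site-wide SEO values with the category's own values.
			$seo['title'] = empty($cat["title"]) ? $seo["title"] : $cat["title"] . '-' . $seo['title'];
			$seotitle_pre = empty($cat["title"]) ? '' : $cat["title"] . ',';
			$seo["keywords"] = (empty($cat["keywords"]) ? $seotitle_pre : $cat["keywords"] . ',') . $seo["keywords"];
			$seo["description"] = (empty($cat["description"]) ? $seotitle_pre : strip_tags($cat["description"])) . $seo["description"];
		}
		$modelfields = $this->db->select("select * from `#yunyecms_modelfields`  where modelid={$this->curmodel['modelid']}  and issys=0 ");
		// The page content is stored under the category's own id ($catid was validated numeric above).
		$row = $this->db->find("select * from `#yunyecms_{$tablename}`  where id={$catid}");
		// Check before any key is written into $row; afterwards it is never empty.
		if (empty($row)) {
			messagebox(Lan('error_parameter'));
		}
		foreach ($modelfields as $key => $var) {
			$ofdname = $var['fdname'];
			// NOTE(review): stored values are HTML-decoded for the template; confirm who can
			// write these fields.
			$row[$ofdname] = uhtmlspecialchars_decode($row[$ofdname]);
		}
		$row['pic'] = dopic($row['pic']);
		$row['content'] = doimgs($row['content']);
		$tplfile = gettpl($cat['tplcontent'], $rootcat['tplcontent'], $this->curmodel['tplcontent'], '', 3);
		include tpl($tplfile);
	}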

	/**
	 * Content detail page.
	 *
	 * Loads the row named by $_GET['id'] from the current category's model table, works out
	 * the viewer's permissions ($haspower / $hasinfopower), finds the previous and next rows,
	 * bumps the hit counter, post-processes the fields and renders the content template.
	 *
	 * Security-relevant points:
	 *  - $_GET['id'] must pass is_numeric() and is then interpolated unquoted into SQL.
	 *    NOTE(review): is_numeric() also accepts forms such as "1e3" or "-1"; a digits-only
	 *    check or an integer cast would be stricter.
	 *  - $haspower / $hasinfopower are only computed here, never enforced; presumably the
	 *    template uses them to hide restricted content — confirm.
	 *  - Group ids 1 and 2 are hard-coded in the permission branches; their meaning is not
	 *    defined in this file.
	 *  - NOTE(review): messagebox() is assumed to terminate the request; if it returns,
	 *    execution continues past the failed checks.
	 *
	 * The template is included in this method's scope, so local variable names are part of
	 * the template contract.
	 */
	public function show()
	{
		// Site-wide SEO defaults.
		$seo['title'] = $this->lang["seotitle"];
		$seo['keywords'] = $this->lang["seokey"];
		$seo['description'] = $this->lang["seodesc"];
		$cfg = $this->cfg;
		$lang = $this->lang;
		$rootcat = $this->rootcat;
		$cat = $this->cat;
		$rootcatid = $rootcat["id"];
		if (empty($cat) || !is_numeric($cat['id']) || !is_numeric($cat['modelid'])) {
			messagebox("错误的参数", "back", 'warn');
		}
		// Script tag that loads the member token from the API endpoint; exposed to the template.
		$token = "<script language=\"javascript\" src=\"" . ROOT . "index.php?m=api&c=index&a=get_member_token\"></script>";
		if ($cat) {
			$catid = $cat["id"];
			$parentid = getparentid($catid);
			$modelid = $cat["modelid"];
		}
		if (empty($modelid)) {
			messagebox(Lan('content_model_notexist'));
		} else {
			$this->curmodel = getmodel($modelid);
			$tablename = "m_" . $this->curmodel['tablename'];
		}
		$modelfields_all = $this->db->select("select * from `#yunyecms_modelfields`  where modelid={$modelid}  and issys=0 ");
		if (!empty($_GET["id"])) {
			$id = trim($_GET["id"]);
			// Only numeric ids get past this point; see the is_numeric() caveat in the docblock.
			if (!is_numeric($id)) {
				messagebox(Lan('error_parameter'), "back", 'warn');
			}
			$id = usafestr($id);
			// getreal_id() may substitute a different id for the current language
			// (presumably the translated row — confirm against the helper).
			$id = getreal_id($id, $lang['id'], $tablename, $this->db);
			$row = $this->db->find("select * from `#yunyecms_{$tablename}`  where id={$id}");
			if (empty($row)) {
				messagebox(Lan('error_parameter'));
			}

			// Per-row restriction stored on the content item.
			$rowpower = $row['ispower'];
			$haspower = 0;
			$hasinfopower = 0;
			$visitor = get_visitor($this->db); // fetch the visitor (guest) member group
			if ($this->member) {
				$groupid = $this->member["groupid"];
				if (empty($groupid)) $groupid = $visitor['id'];
			} else {
				$groupid = $visitor['id'];
			}
			$isvisitor = is_visitor($groupid, $this->db);
			$mygroup = $this->db->find("select * from `#yunyecms_membergroup`  where id=$groupid");
			// NOTE(review): the next three denials are gated on cfg["content"]["list"], while the
			// category checks further down use cfg["content"]["show"] — looks like a leftover
			// from lists(); confirm which flag is meant.
			if (empty($mygroup)) {
				if ($this->cfg["content"]["list"])  messagebox("会员组不存在");
			}
			// NOTE(review): HTTP_REFERER is a client-supplied header handed to messagebox() as the
			// return target; confirm messagebox() restricts it to same-site URLs and encodes it.
			if (!get_member_power('info', 'view', $groupid)) {
				if ($this->cfg["content"]["list"])	messagebox("您所在的会员组没有信息查看权限", $_SERVER['HTTP_REFERER'], "info");
			} else {
				// Fetch the category permissions of this group.
				$catpower = fetch_mem_cat_power($groupid);
				if (!empty($catpower)) {
					// IDs of the categories this group is allowed to view.
					$catpwerid = get_mem_power_catid($catpower);
				} else {
					if (is_visitor($groupid, $this->db)) {
						// Visitors may open the page; the content itself only when the row is
						// unrestricted or restricted to the visitor group.
						if (is_visitor($rowpower, $this->db) || empty($rowpower)) {
							$haspower = 1;
							$hasinfopower = 1;
						} else {
							$haspower = 1;
							$hasinfopower = 0;
						}
					} else {
						if ($this->cfg["content"]["list"])	messagebox("您所在的会员组没有信息查看权限", $_SERVER['HTTP_REFERER'], "info");
					}
				}
			}
			$subcat = get_cat_child($catid);
			$catidstr = implode(',', $subcat);
			if (!empty($catpwerid)) {
				// Categories of this subtree that the group may actually view.
				$newcat = array_intersect($subcat, $catpwerid);
				// NOTE(review): $this->curcat is not assigned anywhere in this file — confirm the
				// base class defines it.
				$messagetip = "暂时没有{$this->curcat["title"]}信息";
				if (empty($newcat)) {
					if ($this->cfg["content"]["show"]) messagebox("您所在的会员组没有访问{$this->cat["title"]}信息的权限", 'back', "info");
				} else {
					if ($isvisitor) {
						if (is_visitor($rowpower, $this->db) || empty($rowpower)) {
							$haspower = 1;
							$hasinfopower = 1;
						} else {
							$haspower = 1;
							$hasinfopower = 0;
						}
					}
					// Group 2: full access unless the membership has expired.
					if ($groupid == 2) {
						$exptime = $this->member["exptime"];
						if ($exptime && $exptime <= time()) {
							messagebox("您的会员已到期！请联系管理员", $_SERVER['HTTP_REFERER'], "info");
						}
						$haspower = 1;
						$hasinfopower = 1;
					}
					// Group 1: page access always; content access unless the row is restricted to group 2.
					if ($groupid == 1) {
						if ($rowpower == 2) {
							$haspower = 1;
							$hasinfopower = 0;
						} elseif ($rowpower == $groupid || empty($rowpower)) {
							$haspower = 1;
							$hasinfopower = 1;
						} elseif (is_visitor($rowpower, $this->db)) {
							$haspower = 1;
							$hasinfopower = 1;
						}
					}
				}
			} else {
				if ($this->cfg["content"]["show"]) messagebox("您所在的会员组没有访问{$this->cat["title"]}信息的权限", 'back', "info");
			}

			// Neighbouring rows by addtime, limited to the same category when one is set.
			$prevsql = '';
			$nextsql = '';
			if ($catid != '') {
				$prevsql = " addtime>=" . $row['addtime'] . " and id<>" . $id . "   and catid=" . $catid . "";
				$nextsql = " addtime<=" . $row['addtime'] . "  and id<>" . $id . "   and catid=" . $catid . "";
			} else {
				$prevsql = " addtime>=" . $row['addtime'] . " and id<>" . $id . "  ";
				$nextsql = " addtime<=" . $row['addtime'] . "  and id<>" . $id . "  ";
			}
			$prev = $this->db->find("select * from `#yunyecms_{$tablename}`  where {$prevsql} order by addtime asc limit 0,1");
			if ($prev) {
				$prev["url"] = !empty($prev['exlink']) ? $prev['exlink'] : geturl($prev['catid'], $prev['id']);
			}
			$next = $this->db->find("select * from `#yunyecms_{$tablename}`  where {$nextsql}  order by addtime desc limit 0,1");
			if ($next) {
				$next["url"] = !empty($next['exlink']) ? $next['exlink'] : geturl($next['catid'], $next['id']);
			}
			// Count the hit here unless URL_MODEL is 5; in that mode the page emits the jshits
			// script below instead (presumably because the page is served statically — confirm).
			if (URL_MODEL != 5) {
				$this->db->query("update  `#yunyecms_{$tablename}` set hits=hits+1  where id={$id}");
			}
			$row['time'] = udate($row['addtime']);
			$row['jshits'] = "<script language=\"javascript\" src=\"" . ROOT . "index.php?m=api&c=index&a=get_content_hits&id={$id}&catid={$catid}\"></script>";
			foreach ($modelfields_all as $key => $var) {
				$fdname = $var['fdname'];
				$formctrl = $var['formctrl'];
				if (isset($row[$fdname])) {
					if ($formctrl == "editor") {
						// Rich-text fields: rewrite image references and strip inline styles.
						$row[$fdname] = doimgs($row[$fdname]);
						$row[$fdname] = remove_style($row[$fdname]);
					} else {
						// NOTE(review): other fields are HTML-decoded before reaching the template;
						// confirm who can write them and how the template outputs them.
						$row[$fdname] = uhtmlspecialchars_decode($row[$fdname]);
					}
				}
			}
			$row["downurl"] = url("download", array("catid" => $row["catid"], "id" => $id));
			if (!empty($row["morepic"])) {
				// NOTE(review): unserialize() on a stored column is an object-injection sink if
				// anything other than trusted admin code can write `morepic`. A JSON column, or
				// unserialize($value, ['allowed_classes' => false]) on PHP 7+, would be safer.
				$row["morepic"] = unserialize($row["morepic"]);
				foreach ($row["morepic"] as $k => $var) {
					$row['morepic'][$k] = dopic($var);
				}
			}
			$row['pic'] = dopic($row['pic']);
			// Row-level SEO values override / extend the category and site values.
			$seo["description"] = (empty($row["seodesc"]) ? strcut(trim(strip_tags($row["content"])), 200) : $row["seodesc"] . ',' . $cat["description"]);
			$seo['title'] = (empty($row["seotitle"]) ? $row["title"] : $row["seotitle"]) . '-' . $cat["title"] . '-' . $seo['title'];
			$seo["keywords"] = (empty($row["seokeywords"]) ? $row["title"] : $row["seokeywords"]) . ',' . $seo["keywords"];
		}
		// NOTE(review): when no id was supplied $row is undefined here, so $row['template'] reads
		// an unset variable.
		$tplfile = gettpl($cat['tplcontent'], $rootcat['tplcontent'], $this->curmodel['tplcontent'], $row['template'], 2);
		include tpl($tplfile);
	}

	/**
	 * Download action: checks the viewer's permissions for the row named by $_GET['id'],
	 * increments the download counter and redirects to the stored file URL.
	 *
	 * Security-relevant points:
	 *  - The permission check gates only the redirect. The Location target is the stored
	 *    `picfile` value itself, so the file stays fetchable by anyone who knows that URL
	 *    unless the web server restricts it — NOTE(review): confirm how files are protected.
	 *  - The hit counter is incremented before any permission check runs.
	 *  - $_GET['id'] must pass is_numeric() and is then interpolated unquoted into SQL;
	 *    a digits-only check or integer cast would be stricter.
	 *  - NOTE(review): messagebox() is assumed to terminate the request. If it does, the SEO
	 *    assignments after the final if/else are unreachable whenever an id was supplied.
	 */
	public function download()
	{
		// Site-wide SEO defaults.
		$seo['title'] = $this->lang["seotitle"];
		$seo['keywords'] = $this->lang["seokey"];
		$seo['description'] = $this->lang["seodesc"];
		$cfg = $this->cfg;
		$lang = $this->lang;
		$rootcat = $this->rootcat;
		$cat = $this->cat;
		$rootcatid = $rootcat["id"];
		if (empty($cat) || !is_numeric($cat['id']) || !is_numeric($cat['modelid'])) {
			messagebox("错误的参数", "back", 'warn');
		}
		// Script tag that loads the member token from the API endpoint; exposed to the template.
		$token = "<script language=\"javascript\" src=\"" . ROOT . "index.php?m=api&c=index&a=get_member_token\"></script>";
		if ($cat) {
			$catid = $cat["id"];
			$parentid = getparentid($catid);
			$modelid = $cat["modelid"];
		}
		if (empty($modelid)) {
			messagebox(Lan('content_model_notexist'));
		} else {
			$this->curmodel = getmodel($modelid);
			$tablename = "m_" . $this->curmodel['tablename'];
		}
		$modelfields_all = $this->db->select("select * from `#yunyecms_modelfields`  where modelid={$modelid}  and issys=0 ");
		if (!empty($_GET["id"])) {
			$id = trim($_GET["id"]);
			// Only numeric ids get past this point.
			if (!is_numeric($id)) {
				messagebox(Lan('error_parameter'), "back", 'warn');
			}
			$id = usafestr($id);
			$id = getreal_id($id, $lang['id'], $tablename, $this->db);
			$row = $this->db->find("select * from `#yunyecms_{$tablename}`  where id={$id}");
			if (empty($row)) {
				messagebox(Lan('error_parameter'));
			}
			// Neighbouring rows by addtime, limited to the same category when one is set.
			$prevsql = '';
			$nextsql = '';
			if ($catid != '') {
				$prevsql = " addtime>=" . $row['addtime'] . " and id<>" . $id . "   and catid=" . $catid . "";
				$nextsql = " addtime<=" . $row['addtime'] . "  and id<>" . $id . "   and catid=" . $catid . "";
			} else {
				$prevsql = " addtime>=" . $row['addtime'] . " and id<>" . $id . "  ";
				$nextsql = " addtime<=" . $row['addtime'] . "  and id<>" . $id . "  ";
			}
			$prev = $this->db->find("select * from `#yunyecms_{$tablename}`  where {$prevsql} order by addtime asc limit 0,1");
			if ($prev) {
				$prev["url"] = url("show", array("catid" => $prev["catid"], "id" => $prev["id"]));
			}
			$next = $this->db->find("select * from `#yunyecms_{$tablename}`  where {$nextsql}  order by addtime desc limit 0,1");
			if ($next) {
				$next["url"] = url("show", array("catid" => $next["catid"], "id" => $next["id"]));
			}
			// NOTE(review): the hit is counted before the permission checks below.
			$this->db->query("update  `#yunyecms_{$tablename}` set hits=hits+1  where id={$id}");
			$row['time'] = udate($row['addtime']);
			foreach ($modelfields_all as $key => $var) {
				$fdname = $var['fdname'];
				if (isset($row[$fdname])) {
					$row[$fdname] = uhtmlspecialchars_decode($row[$fdname]);
				}
			}

			// Per-row restriction stored on the content item.
			$rowpower = $row['ispower'];
			$haspower = 0;
			$hasinfopower = 0;
			$strtip = "";
			// The stored file URL; this is what the client is redirected to on success.
			$picfile = $row["picfile"];
			$ziyuanurl = $picfile;
			if (empty($picfile)) {
				messagebox("该资源文件不存在");
			}
			// Detail page of the item, used as the return target for denial messages.
			$infourl = url("show", array('catid' => $catid, 'id' => $id));
			$visitor = get_visitor($this->db); // fetch the visitor (guest) member group
			if ($this->member) {
				$groupid = $this->member["groupid"];
				if (empty($groupid)) $groupid = $visitor['id'];
			} else {
				$groupid = $visitor['id'];
			}
			$isvisitor = is_visitor($groupid, $this->db);
			$mygroup = $this->db->find("select * from `#yunyecms_membergroup`  where id=$groupid");
			if (empty($mygroup)) {
				messagebox("会员组不存在");
			}
			if (!get_member_power('info', 'view', $groupid)) {
				messagebox("您所在的会员组没有下载权限", $infourl, "info");
			} else {
				// Fetch the category permissions of this group.
				$catpower = fetch_mem_cat_power($groupid);
				if (!empty($catpower)) {
					// IDs of the categories this group is allowed to view.
					$catpwerid = get_mem_power_catid($catpower);
				} else {
					if (is_visitor($groupid, $this->db)) {
						$haspower = 1;
						$hasinfopower = 1;
					} else {
						messagebox("您所在的会员组没有下载权限", $infourl, "info");
					}
				}
			}
			$subcat = get_cat_child($catid);
			$catidstr = implode(',', $subcat);
			if (!empty($catpwerid)) {
				// Categories of this subtree that the group may actually view.
				$newcat = array_intersect($subcat, $catpwerid);
				// NOTE(review): $this->curcat is not assigned anywhere in this file — confirm the
				// base class defines it.
				$messagetip = "暂时没有{$this->curcat["title"]}信息";
				if (empty($newcat)) {
					messagebox("您所在的会员组没有下载该栏目资源的权限,请联系管理员！", $infourl, "info");
				} else {
					if ($isvisitor) {
						if (is_visitor($rowpower, $this->db) || empty($rowpower)) {
							$haspower = 1;
							$hasinfopower = 1;
						} else {
							$haspower = 1;
							$hasinfopower = 0;
						}
					}
					// Group 2: allowed unless the membership has expired.
					if ($groupid == 2) {
						$exptime = $this->member["exptime"];
						// NOTE(review): HTTP_REFERER is client-supplied; confirm messagebox()
						// restricts and encodes the return target.
						if ($exptime && $exptime <= time()) {
							messagebox("您的会员已到期！请联系管理员", $_SERVER['HTTP_REFERER'], "info");
						} else {
							$haspower = 1;
							$hasinfopower = 1;
						}
					}
					// Group 1: refused for rows restricted to group 2, allowed for unrestricted,
					// own-group or visitor-group rows.
					if ($groupid == 1) {
						if ($rowpower == 2) {
							messagebox("该资源需VIP会员才能下载，请联系管理员，谢谢！", $infourl, "info");
						} elseif ($rowpower == $groupid || empty($rowpower)) {
							$haspower = 1;
							$hasinfopower = 1;
						} elseif (is_visitor($rowpower, $this->db)) {
							$haspower = 1;
							$hasinfopower = 1;
						}
					}
				}
			} else {
				messagebox("您所在的会员组没有下载权限", $infourl, "info");
			}

			if ($haspower && $hasinfopower) {
				if (empty($row['downnum'])) {
					// Initialise an empty counter to 0 first, then increment it.
					$data["downnum"] = 0;
					$where["id"] = $id;
					$retres = $this->db->update($data, $where, $tablename);
					$this->db->query("update  `#yunyecms_{$tablename}` set downnum=downnum+1  where id={$id}");
				} else {
					$this->db->query("update  `#yunyecms_{$tablename}` set downnum=downnum+1  where id={$id}");
				}
				// Hand the client the stored file URL (see the docblock note on file protection).
				header("Location: $ziyuanurl");
				exit;
			} else {
				messagebox("您所在的会员组没有下载权限", $infourl, "info");
			}
			$seo["description"] = (empty($row["seodesc"]) ? strcut(trim(strip_tags($row["content"])), 200) : $row["seodesc"] . ',' . $cat["description"]);
			$seo['title'] = (empty($row["seotitle"]) ? $row["title"] : $row["seotitle"]) . '-' . $cat["title"] . '-' . $seo['title'];
			$seo["keywords"] = (empty($row["seokeywords"]) ? $row["title"] : $row["seokeywords"]) . ',' . $seo["keywords"];
		}
		// NOTE(review): reached with $row undefined when no id was supplied.
		$tplfile = gettpl($cat['tplcontent'], $rootcat['tplcontent'], $this->curmodel['tplcontent'], $row['template'], 2);
		include tpl($tplfile);
	}



	/**
	 * Render the custom-form page of the current category; formadd() redirects back to
	 * this action after a submission.
	 *
	 * No request parameter is read directly here. The template is included in this method's
	 * scope, so the locals below are visible to it.
	 */
	public function customform()
	{
		// Site-wide SEO defaults.
		$seo['title'] = $this->lang["seotitle"];
		$seo['keywords'] = $this->lang["seokey"];
		$seo['description'] = $this->lang["seodesc"];
		$cfg = $this->cfg;
		$lang = $this->lang;
		$rootcat = $this->rootcat;
		$cat = $this->cat;
		$rootcatid = $rootcat["id"];
		// NOTE(review): assumes messagebox() ends the request — confirm.
		if (empty($cat) || !is_numeric($cat['id']) || !is_numeric($cat['modelid'])) {
			messagebox("错误的参数", "back", 'warn');
		}
		if ($cat) {
			$catid = $cat["id"];
			$parentid = getparentid($catid);
			$this->curmodel = getmodel($cat["modelid"]);
			// Prefix the site-wide SEO values with the category's own values.
			$seo['title'] = empty($cat["title"]) ? $seo["title"] : $cat["title"] . '-' . $seo['title'];
			$seotitle_pre = empty($cat["title"]) ? '' : $cat["title"] . ',';
			$seo["keywords"] = (empty($cat["keywords"]) ? $seotitle_pre : $cat["keywords"] . ',') . $seo["keywords"];
			$seo["description"] = (empty($cat["description"]) ? $seotitle_pre : strip_tags($cat["description"])) . $seo["description"];
		}
		$tplfile = gettpl($cat['tplcontent'], $rootcat['tplcontent'], $this->curmodel['tplcontent'], '', 3);
		include tpl($tplfile);
	}

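	/**
	 * Handle a front-end custom-form submission.
	 *
	 * Steps: verify the form token against the session, apply a per-IP limit of 10 rows per
	 * day, copy the posted model fields into the new row, validate required fields and the
	 * category id, optionally e-mail the submission, then insert the row.
	 *
	 * Changes over the previous version:
	 *  - The token is compared strictly (constant-time where hash_equals() exists). The loose
	 *    `!=` let numeric-looking strings such as "1" and "1.0" compare equal.
	 *  - $emailcfg and $title are always initialised; they used to be undefined when no model
	 *    field / no name, mobile or phone was posted.
	 *  - The notification e-mail is sent only after validation has passed, so rejected
	 *    submissions no longer generate mail.
	 *  - CR/LF are stripped from the sender name and subject.
	 *  - Array-valued POST parameters are treated as empty strings instead of reaching trim().
	 *
	 * Open review points:
	 *  - NOTE(review): the token is not rotated after use in this method — confirm replay is
	 *    acceptable given the per-IP limit.
	 *  - NOTE(review): $ip comes from getip() and is interpolated into SQL; confirm getip()
	 *    returns a validated address and not a raw client header.
	 *  - NOTE(review): the stored catid comes from $_POST while the target table comes from
	 *    $this->cat; only is_numeric() is checked, so confirm both must match.
	 *  - NOTE(review): rows are stored with status=1 and field values rely on usafestr() for
	 *    escaping; confirm it neutralises quotes and HTML, because these values are
	 *    interpolated into the mail body and other actions HTML-decode stored fields.
	 *  - NOTE(review): messagebox() is assumed to terminate the request.
	 */
	public function formadd()
	{
		$cfg = $this->cfg;
		$lang = $this->lang;
		$rootcat = $this->rootcat;
		$cat = $this->cat;
		$rootcatid = $rootcat["id"];
		if (empty($cat) || !is_numeric($cat['id']) || !is_numeric($cat['modelid'])) {
			messagebox("错误的参数", "back", 'warn');
		}
		if ($cat) {
			$catid = $cat["id"];
			$modelid = $cat["modelid"];
		}
		if (empty($modelid)) {
			messagebox(Lan('content_model_notexist'));
		} else {
			$this->curmodel = getmodel($modelid);
			$tablename = "m_" . $this->curmodel['tablename'];
		}
		$modelfields = $this->db->select("select * from `#yunyecms_modelfields`  where modelid={$modelid}  and isadd=1 ");
		$modelfields_required = $this->db->select("select * from `#yunyecms_modelfields`  where modelid={$modelid}  and isrequired=1 ");
		$_POST = ustripslashes($_POST);

		// Form token: both sides must be non-empty strings and match exactly.
		$token = (isset($_POST["token"]) && is_string($_POST["token"])) ? trim($_POST["token"]) : '';
		$sessiontoken = (isset($_SESSION['token']) && is_scalar($_SESSION['token'])) ? (string) $_SESSION['token'] : '';
		$tokenok = false;
		if (!empty($token) && $sessiontoken !== '') {
			// hash_equals() needs PHP 5.6+; fall back to a strict comparison on older runtimes.
			$tokenok = function_exists('hash_equals') ? hash_equals($sessiontoken, $token) : ($sessiontoken === $token);
		}
		if (!$tokenok) {
			messagebox(Lan('illegal_submit'));
		}

		// Per-IP daily limit: at most 10 rows per address per day in this model table.
		$ip = getip();
		$data["ip"] = $ip;
		$data["lang"] = $lang['id'];
		$todaytime = getToday();
		$cntcheckone = $this->db->GetCount("select count(*) from `#yunyecms_{$tablename}` where  addtime>={$todaytime['start']} and addtime<{$todaytime['end']}  and ip='$ip'");
		if ($cntcheckone >= 10) {
			messagebox(Lan('submit_daylimit'));
		}
		$postedcatid = (isset($_POST["catid"]) && is_string($_POST["catid"])) ? trim($_POST["catid"]) : '';
		$data["catid"] = usafestr($postedcatid);
		$data["addtime"] = time();
		$data["status"] = 1;
		if (!empty($this->member)) {
			$data["userid"] = $this->member["id"];
		}

		// Copy every posted model field that is flagged isadd=1 into the row and, when
		// feedback mail is enabled, into the mail body.
		$body = "";
		$emailcfg = $this->cfg;
		foreach ($modelfields as $key => $var) {
			$fdname = $var['fdname'];
			$fdtitle = $var['fdtitle'];
			if (isset($_POST[$fdname])) {
				$data[$fdname] = usafestr(is_string($_POST[$fdname]) ? trim($_POST[$fdname]) : '');
				if (!empty($emailcfg['isfeedbackmail'])) {
					$body = $body . "{$var['fdtitle']}:{$data[$fdname]}<br/>";
				}
			}
		}

		// Display name for the notification: name, else mobile, else phone, else empty.
		$title = '';
		if (!empty($_POST['name']) && is_string($_POST['name'])) {
			$title = usafestr($_POST['name']);
		} elseif (!empty($_POST['mobile']) && is_string($_POST['mobile'])) {
			$title = usafestr($_POST['mobile']);
		} elseif (!empty($_POST['phone']) && is_string($_POST['phone'])) {
			$title = usafestr($_POST['phone']);
		}

		// Validate before any side effect (mail, insert).
		foreach ($modelfields_required as $key => $var) {
			$fdname = $var['fdname'];
			$fdtitle = $var['fdtitle'];
			if (empty($data[$fdname])) {
				messagebox(sprintf(lan('required_fdtitle'), $fdtitle));
			}
		}
		if (empty($data["catid"]) || !is_numeric($data["catid"])) {
			messagebox(lan('error_parameter'));
		}

		if (!empty($emailcfg['isfeedbackmail'])) {
			$to = $emailcfg['email']['toemail'];
			// Strip CR/LF so a submitted value cannot add header lines to the message.
			$name = str_replace(array("\r", "\n"), '', $title);
			$subject = sprintf(lan('form_email_msg'), $name, $cat['title']);
			send_mail($emailcfg['email'], $to, $name, $subject, $body);
		}

		$retres = $this->db->insert($data, $tablename);
		if ($retres) {
			messagebox(sprintf(lan('form_info_ok'), $cat['title']), url('customform', array('catid' => $catid)), "success");
		} else {
			messagebox(sprintf(lan('form_info_error'), $cat['title']), url('customform', array('catid' => $catid)), "error");
		}
	}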

	/**
	 * Render the 'closesite' template.
	 *
	 * The template is included in this method's scope, so the locals below are visible to it.
	 */
	public function close()
	{
		// Site-wide SEO defaults.
		$seo['title'] = $this->lang["seotitle"];
		$seo['keywords'] = $this->lang["seokey"];
		$seo['description'] = $this->lang["seodesc"];
		$cfg = $this->cfg;
		$lang = $this->lang;
		$rootcat = $this->rootcat;
		$cat = $this->cat;
		if ($cat) $catid = $cat["id"];
		// NOTE(review): $rootcatid is read from $cat, not $rootcat, unlike lists()/home() —
		// looks like a copy/paste slip; confirm which value templates expect.
		if ($rootcat) $rootcatid = $cat["id"];
		include tpl('closesite');
	}

	/**
	 * Leftover debugging stub: sends a Content-Type header and fills $seo, nothing else.
	 * All experiments below are commented out.
	 *
	 * NOTE(review): this is a public method on the front controller, so it is presumably
	 * routable like the other actions. Remove it, or guard it, in production builds so that
	 * re-enabling one of the commented experiments cannot expose debug output.
	 */
	public function test()
	{
		header("Content-Type: text/html;charset=utf-8");
		$seo['title'] = $this->lang["seotitle"];
		$seo['keywords'] = $this->lang["seokey"];
		$seo['description'] = $this->lang["seodesc"];
		// Commented-out checks of usafepic() against traversal-style and encoded paths.
		//$strpath="/uploads/image/20200422/../../../../../../test.txt";
		//$strpath="%2Fyunyecms2%2Fdata%2Finstall.lock";
		//$strpath="/uploads/image/20190209/1549699527694834.jpg";
		//$pathurl=usafepic($strpath);
		// var_dump($pathurl);
		//echo url('/login');
		//echo url('',array('a'=>1,'b'=>2));
		//$catlist=getcat(0,3);
		//$parent=getbreadcumb(13);
		//include tpl();
	}
}
